WordPress Security Crisis: Hackers Exploit Thousands of Sites in Sophisticated Malware Campaign
A massive campaign compromised thousands of WordPress websites to distribute malware through blockchain-based infrastructure. The sophisticated operation used social engineering tactics to trick users into executing malicious commands on their systems.
Widespread WordPress Compromises
More than 14,000 WordPress websites were systematically compromised and transformed into malware distribution platforms, according to reports from Google‘s Threat Intelligence Group. The campaign, attributed to threat actor UNC5142, represents one of the most extensive web-based malware operations uncovered in recent years. Security analysts suggest the indiscriminate targeting focused on WordPress installations with vulnerable plugins, theme files, and in some cases, the WordPress database itself.